1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
|
#!/usr/bin/env python
# SPDX-License-Identifier: GPL-2.0-or-later
#
# test_nhrp_redundancy.py
#
# Copyright 2024, LabN Consulting, L.L.C.
# Dave LeRoy
#
import os
import sys
import json
from time import sleep
from functools import partial
import pytest
# pylint: disable=C0413
# Import topogen and topotest helpers
from lib import topotest
from lib.topogen import Topogen, TopoRouter, get_topogen
from lib.topolog import logger
from lib.common_config import (
required_linux_kernel_version,
shutdown_bringup_interface,
retry,
)
"""
test_nhrp_redundancy.py: Test NHS redundancy for NHRP
"""
TOPOLOGY = """
+------------+ +------------+ +------------+
| | | | | |
| | | | | |
| NHS 1 | | NHS 2 | | NHS 3 |
| | | | | |
+-----+------+ +-----+------+ +-----+------+
|.1 |.2 |.3
| | |
| | 192.168.1.0/24 |
------+-------------------------------+------------------+-------------+------
|
|.6
GRE P2MP between all NHS and NHC +-----+------+
172.16.1.x/32 | |
| |
| Router |
| |
+-----+------+
|
|
---------+----------------+-------------+------
| 192.168.2.0/24 |
| |
| |.4 |.5
+------------+ | +-------+----+ +------+-----+ |
| | | | | | | |
| | +--------+ | | | |
| Host |.7 | | NHC 1 | | NHC 2 +-----+5.5.5.0/24
| +---------+ | | | | |
+------------+ | +------------+ +------------+ |
| |
4.4.4.0/24
"""
# Save the Current Working Directory to find configuration files.
CWD = os.path.dirname(os.path.realpath(__file__))
sys.path.append(os.path.join(CWD, "../"))
# Required to instantiate the topology builder class.
pytestmark = [pytest.mark.nhrpd]
def build_topo(tgen):
"Build function"
# Create 7 routers
for routern in range(1, 8):
tgen.add_router("r{}".format(routern))
# Interconnect routers 1, 2, 3, 6
switch = tgen.add_switch("s1")
switch.add_link(tgen.gears["r1"])
switch.add_link(tgen.gears["r2"])
switch.add_link(tgen.gears["r3"])
switch.add_link(tgen.gears["r6"])
# Interconnect routers 4, 5, 6
switch = tgen.add_switch("s2")
switch.add_link(tgen.gears["r4"])
switch.add_link(tgen.gears["r5"])
switch.add_link(tgen.gears["r6"])
# Connect router 4, 7
switch = tgen.add_switch("s3")
switch.add_link(tgen.gears["r4"])
switch.add_link(tgen.gears["r7"])
# Connect router 5
switch = tgen.add_switch("s4")
switch.add_link(tgen.gears["r5"])
def _populate_iface():
tgen = get_topogen()
cmds_tot_hub = [
"ip tunnel add {0}-gre0 mode gre ttl 64 key 42 dev {0}-eth0 local 192.168.1.{1} remote 0.0.0.0",
"ip link set dev {0}-gre0 up",
"echo 0 > /proc/sys/net/ipv4/ip_forward_use_pmtu",
"echo 1 > /proc/sys/net/ipv6/conf/{0}-eth0/disable_ipv6",
"echo 1 > /proc/sys/net/ipv6/conf/{0}-gre0/disable_ipv6",
"iptables -A FORWARD -i {0}-gre0 -o {0}-gre0 -m hashlimit --hashlimit-upto 4/minute --hashlimit-burst 1 --hashlimit-mode srcip,dstip --hashlimit-srcmask 24 --hashlimit-dstmask 24 --hashlimit-name loglimit-0 -j NFLOG --nflog-group 1 --nflog-range 128",
]
cmds_tot = [
"ip tunnel add {0}-gre0 mode gre ttl 64 key 42 dev {0}-eth0 local 192.168.2.{1} remote 0.0.0.0",
"ip link set dev {0}-gre0 up",
"echo 0 > /proc/sys/net/ipv4/ip_forward_use_pmtu",
"echo 1 > /proc/sys/net/ipv6/conf/{0}-eth0/disable_ipv6",
"echo 1 > /proc/sys/net/ipv6/conf/{0}-gre0/disable_ipv6",
]
for cmd in cmds_tot_hub:
# Router 1
input = cmd.format("r1", "1")
logger.info("input: " + input)
output = tgen.net["r1"].cmd(input)
logger.info("output: " + output)
# Router 2
input = cmd.format("r2", "2")
logger.info("input: " + input)
output = tgen.net["r2"].cmd(input)
logger.info("output: " + output)
# Router 3
input = cmd.format("r3", "3")
logger.info("input: " + input)
output = tgen.net["r3"].cmd(input)
logger.info("output: " + output)
for cmd in cmds_tot:
input = cmd.format("r4", "4")
logger.info("input: " + input)
output = tgen.net["r4"].cmd(input)
logger.info("output: " + output)
input = cmd.format("r5", "5")
logger.info("input: " + input)
output = tgen.net["r5"].cmd(input)
logger.info("output: " + output)
def _verify_iptables():
tgen = get_topogen()
# Verify iptables is installed. Required for shortcuts
rc, _, _ = tgen.net["r1"].cmd_status("iptables")
return False if rc == 127 else True
def setup_module(mod):
logger.info("NHRP Redundant NHS:\n {}".format(TOPOLOGY))
result = required_linux_kernel_version("5.0")
if result is not True:
pytest.skip("Kernel requirements are not met")
tgen = Topogen(build_topo, mod.__name__)
tgen.start_topology()
# Starting Routers
router_list = tgen.routers()
_populate_iface()
for rname, router in router_list.items():
router.load_config(
TopoRouter.RD_ZEBRA,
os.path.join(CWD, "{}/zebra.conf".format(rname)),
)
if rname in ("r1", "r2", "r3", "r4", "r5"):
router.load_config(
TopoRouter.RD_NHRP, os.path.join(CWD, "{}/nhrpd.conf".format(rname))
)
# Initialize all routers.
tgen.start_router()
def teardown_module(_mod):
"Teardown the pytest environment"
tgen = get_topogen()
tgen.stop_topology()
def test_protocols_convergence():
"""
Assert that all protocols have converged before checking for the NHRP
statuses as they depend on it.
"""
tgen = get_topogen()
if tgen.routers_have_failure():
pytest.skip(tgen.errors)
logger.info("Checking NHRP cache and IPv4 routes for convergence")
router_list = tgen.routers()
# Check NHRP cache on servers and clients
for rname, router in router_list.items():
json_file = "{}/{}/nhrp_cache.json".format(CWD, router.name)
if not os.path.isfile(json_file):
logger.info("skipping file {}".format(json_file))
continue
expected = json.loads(open(json_file).read())
test_func = partial(
topotest.router_json_cmp, router, "show ip nhrp cache json", expected
)
_, result = topotest.run_and_expect(test_func, None, count=40, wait=0.5)
output = router.vtysh_cmd("show ip nhrp cache")
logger.info(output)
assertmsg = '"{}" JSON output mismatches'.format(router.name)
assert result is None, assertmsg
# Check NHRP IPV4 routes on servers and clients
for rname, router in router_list.items():
json_file = "{}/{}/nhrp_route.json".format(CWD, router.name)
if not os.path.isfile(json_file):
logger.info("skipping file {}".format(json_file))
continue
expected = json.loads(open(json_file).read())
test_func = partial(
topotest.router_json_cmp, router, "show ip route nhrp json", expected
)
_, result = topotest.run_and_expect(test_func, None, count=40, wait=0.5)
output = router.vtysh_cmd("show ip route nhrp")
logger.info(output)
assertmsg = '"{}" JSON output mismatches'.format(router.name)
assert result is None, assertmsg
# Test connectivity from 1 NHRP server to all clients
pingrouter = tgen.gears["r1"]
logger.info("Check Ping IPv4 from R1 to R4 = 176.16.1.4)")
output = pingrouter.run("ping 176.16.1.4 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R1 to R4 should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R1 to R4 OK")
logger.info("Check Ping IPv4 from R1 to R5 = 176.16.1.5)")
output = pingrouter.run("ping 176.16.1.5 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R1 to R5 should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R1 to R5 OK")
# Test connectivity from 1 NHRP client to all servers
pingrouter = tgen.gears["r4"]
logger.info("Check Ping IPv4 from R4 to R1 = 176.16.1.1)")
output = pingrouter.run("ping 176.16.1.1 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R4 to R1 should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R4 to R1 OK")
logger.info("Check Ping IPv4 from R4 to R2 = 176.16.1.2)")
output = pingrouter.run("ping 176.16.1.2 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R4 to R2 should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R4 to R2 OK")
logger.info("Check Ping IPv4 from R4 to R3 = 176.16.1.3)")
output = pingrouter.run("ping 176.16.1.3 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R4 to R3 should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R4 to R3 OK")
@retry(retry_timeout=30, initial_wait=5)
def verify_shortcut_path():
"""
Verifying that traffic flows through shortcut path
"""
tgen = get_topogen()
pingrouter = tgen.gears["r7"]
logger.info("Check Ping IPv4 from R7 to R5 = 5.5.5.5")
output = pingrouter.run("ping 5.5.5.5 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R7 to R5 should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R7 to R5 OK")
def test_redundancy_shortcut():
"""
Assert that if shortcut created and then NHS goes down, there is no traffic disruption
Stop traffic and verify next time traffic started, shortcut is initiated by backup NHS
"""
tgen = get_topogen()
if tgen.routers_have_failure():
pytest.skip(tgen.errors)
if not _verify_iptables():
pytest.skip("iptables not installed")
logger.info("Testing NHRP shortcuts with redundant servers")
# Verify R4 nhrp routes before shortcut creation
router = tgen.gears["r4"]
json_file = "{}/{}/nhrp_route.json".format(CWD, router.name)
assertmsg = "No nhrp_route file found"
assert os.path.isfile(json_file), assertmsg
expected = json.loads(open(json_file).read())
test_func = partial(
topotest.router_json_cmp, router, "show ip route nhrp json", expected
)
_, result = topotest.run_and_expect(test_func, None, count=40, wait=0.5)
output = router.vtysh_cmd("show ip route nhrp")
logger.info(output)
assertmsg = '"{}" JSON output mismatches'.format(router.name)
assert result is None, assertmsg
# Initiate shortcut by pinging between clients
pingrouter = tgen.gears["r7"]
logger.info("Check Ping IPv4 from R7 to R5 via shortcut = 5.5.5.5")
output = pingrouter.run("ping 5.5.5.5 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R7 to R5 via shortcut should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R7 to R5 via shortcut OK")
# Now check that NHRP shortcut route installed
json_file = "{}/{}/nhrp_route_shortcut.json".format(CWD, router.name)
assertmsg = "No nhrp_route file found"
assert os.path.isfile(json_file), assertmsg
expected = json.loads(open(json_file).read())
test_func = partial(
topotest.router_json_cmp, router, "show ip route nhrp json", expected
)
_, result = topotest.run_and_expect(test_func, None, count=40, wait=0.5)
output = router.vtysh_cmd("show ip route nhrp")
logger.info(output)
assertmsg = '"{}" JSON output mismatches'.format(router.name)
assert result is None, assertmsg
# Bring down primary GRE interface and verify shortcut is not disturbed
logger.info("Bringing down R1, primary NHRP server.")
shutdown_bringup_interface(tgen, "r1", "r1-gre0", False)
# Verify shortcut is still active
pingrouter = tgen.gears["r7"]
logger.info("Check Ping IPv4 from R7 to R5 via shortcut = 5.5.5.5")
output = pingrouter.run("ping 5.5.5.5 -f -c 1000")
logger.info(output)
if "1000 packets transmitted, 1000 received" not in output:
assertmsg = "expected ping IPv4 from R7 to R5 via shortcut should be ok"
assert 0, assertmsg
else:
logger.info("Check Ping IPv4 from R7 to R5 via shortcut OK")
# Now verify shortcut is purged with lack of traffic
json_file = "{}/{}/nhrp_route.json".format(CWD, router.name)
assertmsg = "No nhrp_route file found"
assert os.path.isfile(json_file), assertmsg
expected = json.loads(open(json_file).read())
test_func = partial(
topotest.router_json_cmp, router, "show ip route nhrp json", expected
)
_, result = topotest.run_and_expect(test_func, None, count=40, wait=0.5)
output = router.vtysh_cmd("show ip route nhrp")
logger.info(output)
assertmsg = '"{}" JSON output mismatches'.format(router.name)
assert result is None, assertmsg
def test_memory_leak():
"Run the memory leak test and report results."
tgen = get_topogen()
if not tgen.is_memleak_enabled():
pytest.skip("Memory leak test/report is disabled")
tgen.report_memory_leaks()
if __name__ == "__main__":
args = ["-s"] + sys.argv[1:]
sys.exit(pytest.main(args))
|
